Solved

ISA, sharepoint and ftp - Forms Based Authentication questions

Posted on 2009-03-30
7
906 Views
Last Modified: 2013-12-04
My company currently has a sharpoint site that is accessed by both internal employees and external clients.  We have created AD accounts for the external people.  We are in the process of setting up and FTP site also that will need the same access.  I am beginning to look into FBA (forms based authentication) so the external users do not need to have accounts created in our active directory.  Would ISA be a good canidate to help me accomplish a cleaner setup of this system?  I am trying to see if this should be an avenue I should look at in order to allow external clients a way to authenticate to our sharepoint and FTP through some central console and allow them access to their info and also allow my internal users a way to securly access these same systems when out of the office?

Thanks for any help.
0
Comment
Question by:martin2478
  • 4
  • 3
7 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24021197
Maybe and maybe not. ISA is a great tool but you sound as though you are moving to the next level here. Have a look at the IAG Server - ISA's sister product in the Forefront: Edge portfolio.

http://www.microsoft.com/forefront/en/us/default.aspx
0
 

Author Comment

by:martin2478
ID: 24021634
Thanks for the response.  I will look more into IAG but it was the forms based authentication that is mentioned in ISA that I am interested in.  Right now I have sharepoint , ftp , and web outlook setup for remote use.  I am really looking for a clean way to authenticate people outside of our company and tie that into them being able to access our ftp and sharepoint sites with the same usernames and passwords without me having to create the accounts in my active directory.

I amy be looking at the wrong app but any more tips would be great.

0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24022807
Understood. But ISA is not a repository. Where are you going to store the account details of external users - I assume an internal SQL server or something?

We used a separate AD in the DMZ and then used identity Lifecycle Manager (ILS) to do all of this with IAG on the outside and ISA on the inside. Have you reviewed the creating the extranet for Sharepoint guides?

That said, if you simply want a control point then yes, ISA will do it.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:martin2478
ID: 24023182
Thanks for the info.  I was planning on using SQL to house external user accounts.

Your setup seems like a secure setup and will have to look into something like that more.

I have not read the extranet for sharepoint guides, I believe I should start there before continuing the conversation to get a better grasp.  But before into reading does this mentality make any sense to you.

Have internal users have AD accounts.  External users use an FBA tied into a SQL database.  Use ISA as a portal for external users to authenticate with and then from there they will have access to our sharepoint and ftp site?

Thanks again for all of your help.  The fog seems to be clearing finally in my head.
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 24023254
your approach is fine - and often adopted. The part where many go wrong is to NOT think about where it might go in the future. For example, if you decide to open up the portal/self-service aspects then are you going to want to have to administrate all of that? the authentication? The authorisation? Small things in the early days but it can grow as the benefits are identified and you want to realise them.

Anyway, this is a useful place to start. For reference we use the split model.
With ISA2006
http://technet.microsoft.com/en-us/library/cc268368.aspx

Extranet
http://technet.microsoft.com/en-us/library/cc263513.aspx#section3
0
 

Author Closing Comment

by:martin2478
ID: 31564323
Thanks for all of your help.  This has me heading in the right direction now.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24043126
Thanks :)
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now